Skip to content

GDPR Compliance & Data Protection Policy

Webxxs - GDPR Compliance & Data Protection Policy

Effective Date: January 2026
Company: Webxxs, owned and operated by Webxxs Services Ltd (“Webxxs”, “we”, “our”, “us”)
Contact: [contact@webxxs.com / Suit A, 82 James Carter Road, Mildenhall, IP28 7DE]

This policy explains how Webxxs collects, stores, processes, and protects personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. It applies to all clients, leads, and visitors using our services, including website design, HubSpot CRM, sales funnels, aftercare packages, print media, social media management, corporate documentation, and professional network introductions.

1. Data We Collect

We may collect the following personal data:

  • Contact Details: Name, email address, phone number, and business address.
  • Business Information: Company name, branding, website, and marketing objectives.
  • Account & Subscription Data: Login credentials, CRM records, and subscription details.
  • Payment Information: Credit/debit card and banking details for invoicing.
  • Communications Data: Emails, calls, or messages with our team.
  • Usage Data: Website interactions, analytics, and marketing engagement data.

2. Purpose of Processing

We process personal data to:

  • Provide and manage our services (websites, CRM, lead generation, funnels, and aftercare).
  • Process payments and manage subscriptions.
  • Communicate project updates, support, and promotional information (with consent where required).
  • Maintain business records and corporate documentation.
  • Connect clients with our professional network, if agreed.
  • Comply with legal obligations.

3. Legal Basis for Processing

Webxxs processes your personal data based on:

  • Contractual Necessity: To deliver services agreed with the client.
  • Consent: For marketing communications, cookies, and promotions.
  • Legitimate Interests: To maintain and improve our services, ensure security, and manage business relationships.
  • Legal Obligations: To comply with laws and regulatory requirements.

4. Sharing Personal Data

We will never sell your personal information. Data may be shared with:

  • Third-Party Service Providers: Hosting, CRM platforms (HubSpot), analytics, payment processing, and marketing platforms.
  • Professional Network Connections: Only when explicitly requested and agreed.
  • Legal Authorities: When required by law or to protect our legal rights.

All third parties are required to maintain data security and only use data for the purposes specified by Webxxs.

5. Data Retention

We retain personal data only for as long as necessary to provide services, comply with legal obligations, and resolve disputes. Subscription client data is retained for the duration of the subscription plus any legally required retention period afterward.

6. Your GDPR Rights

Under UK GDPR, you have the right to:

  1. Access the personal data we hold about you.
  2. Correct inaccurate or incomplete data.
  3. Request erasure of personal data where lawful.
  4. Restrict processing of your data under certain circumstances.
  5. Object to processing for marketing or legitimate interests.
  6. Data portability – request your data in a structured, commonly used format.
  7. Withdraw consent for marketing communications at any time.

Requests can be submitted to: [Insert Email]. We will respond within the statutory timeframe of 1 month.

7. Data Security

We implement appropriate technical and organisational measures to protect personal data, including:

  • Secure storage and restricted access to sensitive information.
  • Encryption for digital data where applicable.
  • Regular system monitoring to prevent unauthorised access, loss, or misuse.

8. Cookies and Tracking

We use cookies and tracking technologies to:

  • Improve website performance and user experience.
  • Analyse visitor interactions for marketing and reporting purposes.
  • Deliver personalised content and marketing messages (with consent).

You can manage or disable cookies via your browser settings.

9. Third-Party Links

Our services may include links to third-party websites. Webxxs is not responsible for the privacy practices of these external sites. We encourage reviewing the privacy policies of any third-party websites you visit.

10. Breach Notification

In the unlikely event of a data breach involving your personal information, Webxxs will comply with UK GDPR requirements to notify the Information Commissioner’s Office (ICO) and affected individuals when necessary.

11. Policy Updates

Webxxs may update this GDPR policy from time to time to reflect changes in services, legal obligations, or data practices. Updated policies will be published on our website with the revised effective date.

12. Contact Information

For questions, concerns, or to exercise your rights:

Webxxs Services Ltd
Suit A, 82 James Carter Road, Mildenhall, IP28 7DE
Contact@webxxs.com
07572750046